Bangladesh unlikely to extend FireEye contract for heist probe
DHAKA Bangladesh’s central bank is unlikely to extend the contract of U.S. cyber security firm FireEye to investigate the electronic theft of $81 million of its money, sources at the bank said on Wednesday, citing high costs as one of the factors.
The move comes as a nearly four-month broader investigation into one of the world’s biggest cyber heists makes slow progress.
FireEye’s Mandiant forensics division was hired by Bangladesh Bank weeks after the cyber heist in early February. It said in an interim report that hackers took control of the bank’s network, stole credentials for sending messages on the SWIFT transactions system and used “sophisticated” malicious software to attack the computers the bank uses to process and authorize transactions.
Mandiant has said it needs 570 hours of more work to complete its investigations, a director on the board of Bangladesh Bank told Reuters. The bank has already paid about $280,000 to the company at an hourly rate of $400, he and other officials said.
All of them spoke on condition of anonymity.
Another official familiar with the computer security systems at the bank said it did not want to extend Mandiant’s contract because board members were not sure what tangible results could come from further investigation.
However, the bank director said Bangladesh Bank still planned to seek external help in the investigation, but only after drawing up new terms of reference on the basis of its own internal investigation, a police inquiry and a government-appointed separate probe.
Cost was a factor in the Mandiant decision, the director said.
“Its charges are so high…the board has discussed it and decided not to extend,” the director said, adding a formal meeting of the board on Thursday was scheduled to formally approve ending the contract with Mandiant.
A FireEye spokesman in Singapore declined comment.
The U.S. firm has already done around 700 hours of work trying to find out how the hackers got into Bangladesh Bank’s SWIFT payment system and issued instructions to the New York Fed to transfer money to accounts in the Philippines and Sri Lanka.
A third bank official said the initial purpose of hiring Mandiant had been achieved as some lapses in the bank’s computer security were identified and addressed.
“We had engaged them for a certain task. That has been completed. We don’t plan to engage them anymore,” the official said.
At Thursday’s board meeting, new terms for any possible new contract for an external investigator will be finalised, the bank director said. It wasn’t clear if FireEye would be invited to bid under the new terms.
The cyber heist is also being investigated by the U.S. Federal Bureau of Investigation and the Bangladesh police.
There is no word on who is responsible.
(Additional reporting by Ruma Paul; Editing by Raju Gopalakrishnan)